Delete unnecessary NOTICE file with likely incorrect copyright notice#459
Delete unnecessary NOTICE file with likely incorrect copyright notice#459rhatdan merged 1 commit intocontainers:mainfrom
Conversation
Signed-off-by: Richard Fontana <[email protected]>
Reviewer's guide (collapsed on small PRs)Reviewer's GuideThis PR removes an unnecessary and misleading NOTICE file that incorrectly implied the project is copyrighted by the Free Software Foundation, relying instead on the existing GPL license file in the repository. File-Level Changes
Tips and commandsInteracting with Sourcery
Customizing Your ExperienceAccess your dashboard to:
Getting Help
|
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request removes the NOTICE file from the repository. The reviewer raised a concern that this removal may introduce legal ambiguity regarding the project's licensing terms, specifically noting a potential discrepancy between the 'or later' clause previously documented and the 'GPL-2.0-only' identifier currently present in the .spec file.
I am having trouble creating individual review comments. Click here to see my feedback.
NOTICE (1-15)
Deleting this file removes the 'or later' licensing clause (line 6) and the explicit warranty disclaimer, which are not provided by the LICENSE file alone (which contains only the verbatim license text). There is a discrepancy between the 'or later' terms in this file and the GPL-2.0-only identifier in the .spec file (line 40). While the FSF copyright is likely incorrect, the notice itself is the standard way to apply the GPL to a project as described in the GPLv2 appendix. If this information is not already present in every source file header, removing this file may lead to legal ambiguity or an unintended change in licensing terms from 'or-later' to 'only'.
So first of all, the Second, the point about "or later":
It's true that there's a discrepancy, which I'd overlooked, but that actually might suggest that the use of 'or later' in the NOTICE file was incorrect and wasn't caught by the maintainers who merged the pull request. It's also generally true, and I didn't think of this, that the NOTICE file may have served a purpose in resolving whether the project is 'only' or 'or later' (except it didn't, because of the inconsistent spec file). But there are various ways to do this that are better. For example, the README.md file could clarify whether the project is 'only' or 'or later'. It is incorrect however to say that the notice is "the standard way to apply the GPL to a project" since (a) most GPL projects don't use this language nowadays, and (b) the language isn't meant to be put in a standalone NOTICE file, which I've rarely seen but is unusual and thus anything but standard.
I'd submit that the likely intent of the project is what's suggested in the spec file, and therefore the NOTICE file has always been wrong, but it's not really a super-important issue. Removal of the incorrect copyright notice is important however. |
|
Thank you so much @richardfontana for the PR and the responses to review bot comments!!! I think most (all?) maintainers had largely ignored the NOTICE file all these years, so really appreciate you pointing this out. Some responses inline..
it's not (and it'd be news to me if it is).
Hmm, I want to say that's correct, but is there a verification tool or anything I could use before answering this?
Yes, the spec file began with If it matters, back in
What would you recommend here as README.md addition? And, should it be done right away? FWIW, my personal preference would be to have something which would not block any potential relicensing effort if we choose to go that route. PTAL @rhatdan @haircommander @TomSweeneyRedHat @jankaluza @containers/container-selinux-maintainers (Ignore any CI job failures) |
|
LGTM |
3 participants
A contributor opened #109 requesting a completely unnecessary NOTICE file, possibly misinterpreting the traditional (now largely outdated) guidance given in the appendix to GPLv2, which has generally been used by some projects as standard language for copyright and license notices in individual source files. This itself was sort of harmless, but the pull request that implemented the change #110 added a Free Software Foundation copyright notice that I would assume is completely erroneous. (That is, I assume this project is not copyrighted by the FSF in general and does not contain anything copyrighted by the FSF, apart from the GPL text itself of course.) The result is that this project has a NOTICE file that has misleadingly implied that the project is copyrighted by the FSF.
This pull request just deletes the file. It was never necessary because there's already a copy of the GPL in the repository.
Summary by Sourcery
Documentation: